Home » Technology » Greenbone OS: Release History 

Greenbone OS: Release History

Please read in our Learning Center about how to execute a upgrade and what to consider for this: GSM: Upgrade

Every 2 to 4 month new and improved features are made available as an upgrade.

2011-12-12: Greenbone OS 1.7.0

top^

Latest patch level: 1.7.0-17 (2012-02-07)

Important note: Even when the upgrade status shows the upgrade is finished, a background process still runs an update for upto 2 hours.

During this time neither a reboot nor a scan should be executed.

Note: The prognosis function is available about one day after the upgrade.

The items marked with (*) will change the default behaviour.

  • New Feature: The new Asset Management offers an overview on all scanned systems independently of the actual scan tasks.

  • New Feature: Current CVE and CPE data are distributed via the Greenbone feed service. These are available in the user interface as direkt cross links wherever CVEs or CPEs are referenced.

  • New Feature: The new SecInfo Management offer direct access to details of CVEs, CPEs and NVTs.

  • New Feature: Prognostic scans allow an upfront analysis about potential vulnerabilities of hosts. This happens without accessing these systems via the network and therefore the scan duration is virtually zero.

  • New Feature: Users can grant read access to other users for their tasks. For any task it is possible to name one or many observers. The task will then appear in the task overview of the observer users.

  • New Feature: Users can configure their time zone. Any times visible in the web interface will be adapted accordingly for them.

  • (*) XML Report Format and OMP: For any timestamp ISO 8601 format is now applied including timezone information.

    Please pay attention about the following aspects of this change:

    • In case you are using Greenbone Security Desktop you have to update to Version 1.2.1 or higher. From this version on, the ISO timestamps are handled properly.

    • In case you have exported XML reports with GOS prior 1.7, timestamps are implicitely in UTC timezone. Importing such a report with GOS 1.7 or higher will apply the timezone of the user if no timezone is explicitely provided in the report. So, in case users need to adjust the timezone for a imported report, they can temporarily configure their own timezone to the one that corresponds to the report in order to execute the import. Old non-ISO timestamps are of course properly handled in general and the maximum timeshift that could happen is the distance between the timezones.

      A XML report created with GOS 1.7 or newer can not be imported with a GOS rlease prior 1.7.

    • In case you have established an indivual processing chain via OMP, you should adapt the processing to the new ISO 8601 timestamps. This is not mandatory if the timestamps are only processed as character strings.

    • In case you are using imported Report Format Plugins you have to remove them and import the respective updates for GOS 1.7. New versions of our plugins can be found on our Report Format Plugins overview.

  • (*) PDF/HTML/Text Reports: Will now contain, if available, the hostname addtionally to the IP address. No special Scan-Configurations are necessary for this anymore.

  • (*) OMP 3.0: The version identification of the OMP protocol increases for GOS 1.7 due to the timestamp changes described above from 2.0 to 3.0.

    In case you have individual processing chains based on OMP, you might have to consider the change in the version identification on the one hand and the new timestamp format ISO 8601 on the other hand.

  • Overrides: It is now possible to set a validity duration for a override. After tolerated validity, the overrides are automatically deactivated.

  • Notes: It is now possible to set a validity duration for a note. After tolerated validity, the notes are automatically deactivated.

  • GOS Admin: The CLI Admin interface for the base configuration of Greenbone OS is extended with a first version of comfortable dialog-driven menus.

  • Web-GUI: The navigation transforms from the left-hand side box into a horizontal menu.

Patch level:

  • 1.7.0-17 (2012-02-07): Bugfix for manually issued escalators regarding filters. Improved web interface: If NVT names are abbreviated, now a tooltip offers full name including OID. Extended gos-admin-menu.

  • 1.7.0-16 (2012-01-26): Improved performance of SCAP data synchonisation. Bugfix for escalators that directly use a report plugin format. Extended gos-admin-menu.

  • 1.7.0-15 (2012-01-23): Host details become as host scans complete, not only as whole network scan finishes. Bugfix for Feed connection in restricted environments. Bugfix for restoring Target objects from trashcan. Bugfix for GOS logging.

  • 1.7.0-14 (2012-01-10): Bugfix for Chrome browser, bugfix for report format plugin removal, updated gos-admin-menu

  • 1.7.0-13 (2011-12-22): Bugfix for timezone setting

  • 1.7.0-12 (2011-12-12): First customer release of 1.7.0

2011-08-18: Greenbone OS 1.6.0

top^

Latest patch level: 1.6.0-8 (2011-08-18)

Important note: This upgrade will take considerably longer than previous ones. Even when the upgrade status shows the upgrade is finished, a background process still runs an update for upto 2 hours.

During this time no scans should be executed.

Background is an internal cache rebuild for the Greenbone Security Feed in order to take advantage of recent improvements of our feed server.

The items marked with (*) will change the default behaviour.

  • New Feature: Delta-Reports

    Two reports of a task can be selected for direct comparison. The resultung delta-report shows results that are the same, are gone or are new. For results where the content changed, all changed text lines are shown in a color-coded summary.

  • Extended Feature: Container Tasks now can carry more than a single report. Importing additional reports to the same Container is now easily possible.

    The delta-report function is also available for container tasks. Which means, reports of different origin can be compared.

  • New Feature: Result details

    Within the report details view there is now a details-icon for each result and will open the single result on its own page.

  • Authenticated scans via SSH: The number of supported cryptographic algorithms significantly increased. This makes it possible to include device categories into authenticated scans that allow no or reduced SSH configuration.

  • Escalators: It is now also possible to add a report as an attachment to an email.

  • Scan intensity: The settings for scan intensity that determine the scan performance were moved fom Scan Configuration to Task. This allows to increase or decrease scan intensity of a task for subsequent scans. Namely this is done via the parameters for maximum number of concurrently executed tests and of concurrently scanned target systems.

  • Report details: Hostnames are now shown additionally to plain IPs in the host overview table.

  • Header of web interface now carries indicator icon on successful actions. The large information boxes that appeared upon successul actions are remove therefore.

  • (*) Setting up SSL certificate: The default for "sslreq" now create keys with 2048-bit instead of 1024-bit.

2011-06-11: GSM 1.5.0 mit GSA 3.0-2

top^

Latest patch level: 1.5.0-7 (2011-06-29)

The items marked with (*) will change the default behaviour.

Important note: This upgrade especially changes the way public/private SSH keys are used. In case you are using such key pairs, please read carefully the note below.

  • New feature: Comfortable Trashcan

    Deleted objects are first moved into the trashcan and can be restored any time.

    The trashcan is well structured with a table of contents and allows to ultimately delete single objects and of course to empty the whole trashcan.

  • New Feature: Import of reports.

    The newly introduced "Container"-Tasks allows to import a report in XML format. The full range of analysis and processing methods is then applicable to the imported report.

  • New Feature: Connector for Sourcefire Defense Center

    The connector is available in the form of an additional escalator. It executes a secure transfer to your Sourcefire Defense Center.

  • Extended Feature: The web interface now allows to set the number of results per page in the results filter.

  • Extended Feature: The web interface for results now provides an overview on the detected operating systems.

  • Extended Feature: For targets now a port for SSH-Credential can be specified. Pre-defined, also for existing targets is 22.

  • (*) Improved Feature: Keypairs are now specified directly as part of a credential.

    Important note: In case you already have such key pairs uploaded to a Scan Configuration, these will be deleted when executing the upgrade. Tasks with such Scan Configurations will stop doing authenticated tests after an upgrade and thus deliver less results.

    In case you only used the function "autocreate" for Credentials to create key pairs, then your are not affected and there is no need for action.

    Please ensure that you have a backup of the SSH public keys and the SSH private keys before running the upgrade. If you don't have a backup of the keys elsewhere, you can download the keys from the Scan Configuration details dialog. After the upgrade you can upload the keys again, now as part of a new Credential.

    In case existing Tasks with old key pairs must continue to scan with the very same behaviour, please contact our support team for a individual migration.

  • Extended Feature: Escalators can be executed at any time for any reports or partial results.

  • Upgrade Nmap: The integrated network mapping tool is updated to version 5.51.

  • New feature: Time for automatic feed update configurable

    In the CLI Admin environment you can now use the setting "synctime" for your prefered time of daily synchronisation with our feed service.

  • New feature: Offline Feed update

    Using a USB stick the current Feed can be transfered from a online GSM to a GSM that has no direct connection to the Internet.

  • (*) Remote SSH login available after boot process completed.

    After a boot or reboot, now GSM takes care to launch all services before remote command line access is enabled.

2011-04-15: GSM 1.4.2 with GSA 2.0.1

top^

Note: This version is a important security update. It is highly recommended to update to this version.

The items marked with (*) will change the default behaviour.

  • (*) Report Format Plugins: It is now mandatory to have a successful signature verification in order to use a imported plugin.

    The behaviour for pre-defined plugins remains the same.

  • Navigation in GSA: The entry "Administration->Settings" was removed. It contained only redundant or irrelevant information.

2011-03-07: GSM 1.4.1 with GSA 2.0.1

top^

Note: Version 1.4.1-4 was online for a short time period and contained an error regarding NVT updates. It is highly recommended to update to 1.4.1-5.

The items marked with (*) will change the default behaviour.

  • (*) Change of Greenbone Security Assistant web access from HTTP BasicAuth to a session-based method.

    Instead of a Browser-side dialog for login, now the login dialog of GSA itself is used. The new session management works with random tickets and therefore better prevents unauthorized use.

  • (*) Scans focus to given ports now pre-defined.

    Limiting the port range for a scan will now make scans faster and reduce the number of messages that are not directly linked to the given scan focus.

    All pre-defined Scan Configurations are changed to the new behaviour. All other Scan Configurations remain unmodified. The Scan Configurations in our download area were updated to the new behaviour.

  • (*) Pre-defined Scan Configurations without w3af.

    The web application scanner is turned off for the pre-defined Scan Configurations. This makes regular scans for larger networks significantly faster. Tasks where one of the pre-defined Scan Configuration was used will then not show results for w3af anymore compared to previous runs.

    For special web application scanning it is easy to configure a Scan Configuration with activated w3af. Alernatively you can use our prepared Scan Configuration for web application scanning.

2011-01-19: GSM 1.4.0 with GSA 2.0-1

top^

The items marked with (*) will change the default behaviour.

  • New Feature: Master-Slave Setup

    A Master-Slave setup allows load balance, spatial distribution and also the control of multiple GSM's located in separate security zones.

  • New Feature: Report Format Plugin-Framework

    A Report Format converts a scan result into a report. This could be a PDF or HTML document, a pie or bar chart, a import file for a IDS or a toplogic or geographic map of the network.

    The Greenbone Support team creates inidvidual report templates on request. These can be uploaded and acvitiates via the GSA user interface.

  • Targets: Extended opportunities to specify IP ranges and increased size limit for lists of single addresses.

  • Targets: Instead of a single Credential for both, SMB and SSH, at the same time now it is possible to set a Credential separately for each of them.

  • Escalators: Extended functionality that allows to select Email content from a selection of Report Formats.

  • (*) NTLMSSP Support: All pre-defined Scan Configuration (for example 'Full and Fast') are changed to support NTLMSSP by default. Any Task using one of the configurations might deliver more detailed results when combined with credentials and scanning a recent Windows release.

    Any other Scan Configuration remains as is. Any Scan Configuration downloadable from the Greenbone website has been updated to include NTLMSSP support.

    Please don't hesitate to send any questions related to this change to our support team.

  • (*) OMP: The central protocol for remote controlling GSM considerbly extends with this new GSM version. Small changes to unify the API are also included. Please contact our support team in case you are using OMP already and have questions related to OMP changes.

  • (*) Port Range now part of Target: The range of ports that are scanned for each target system moves from the Scan Configuration into the Target. After all, the port range is part of the the definition of what is scanned.

    Automatic migration: For all of your tasks the port range is moved from the linked scan configuration into the linked Target. In the case that a Target is linked to multiple Tasks, the automatic migration routine will create copies of the Target and link it properly with the respective Tasks.

    For example, if you are using a Target "Webservers" in 3 Tasks, after the migration you will find these entries in the Target list: "Webservers", "Webservers Migration 1" and "Webservers Migration 2". The scanning behaviour does not change at all.

2010-11-03: GSM 1.3.1 with GSA 1.0.2

top^

The items marked with (*) will change the default behaviour.

  • Extended Feature: Centralized user management via Univention Corporate Server

    For the Univention Corporate Server (UCS) 2.3 a extension is provided to allow full GSM user admininistration. UCS-managed accounts can easily be flagged as authorized GSM users.

  • Various improvements and fixes of minor bugs

2010-09-20: GSM 1.3.0 with GSA 1.0.2

top^

The items marked with (*) will change the default behaviour.

  • Central new Feature: False-Positive management

    The new severity filter (overrides) does not only allow comfortable tagging of false positives. This feature allows the management of a complete individual threat classification.

  • Improvements in user interface of web client GSA

  • Improved performance for intensive scans

  • New Feature: Centralized user management via LDAP

    A interface to connect to LDAP-based authentication and auhorization allows to manage GSM user accounts via a central system.

    Ontop of this, profiles for various directory services can be established. Please contact the Greenbone Support for a individual profile.

  • New Feature: Support of agents

    Coordinating with customers, Greenbone creates special so-called agent programs. These are installed on a target systems and controlled via the GSM. For validity checks, the agent installation packages can be stored on the GSM. Up-to-date validity information about agents are part of the Greenbone Security Feed.

  • New Feature: VHosts support

    It is now possible to specify a number of virtual web hostnames for a IP address. These "vhosts" will all be tried during a scan in order to detect the different services that are behind a central web server.

2010-06-15: GSM 1.2.0 with GSA 1.0.0-7

top^

The items marked with (*) will change the default behaviour.

  • New Feature: Pausing a scan

    Running scans can be paused. In contrast to stopping a task, the scan is not aborted, but rather all network activity is hold back until the scan is resumed.

  • Task status: Progress of stopped or paused scan now displayed

    Instead of just "Stopped" or "Paused", the task status now shows for example "Stopped at 8%" or "Paused at 20%".

  • Result Filter: CVSS Support

    It is possible to filter results with a given minimum CVSS value.

  • Result Filter: Supressing of hosts with no results possible.

  • (*) Task Details: Direct download supresses now hosts without results according to the default filter.

  • Scan Config Family Details and Scan Config NVT Details: Risk category (always) and CVSS-Wert (if present) of NVTs is shown.

  • (*) Optimization of pre-defined scan configurations (Full and Fast etc.)

    For all target hosts now a ping is executed and hosts that do not answer will not be considered for the subsequent scan. This accelerates especially those scans with large IP ranges and few active hosts. In cases where active systems intentionally will not react upon ping, a scan configuration without upfront ping test should be used, for example Full-and-fast-all-IPs.xml.

  • Escalators: New condition for threat level changes between two subsequent scans.

  • NVT Preferences: Upload of files improved. Download now also possible.

  • Reports: Start and end scan times for each single host are now provided.

  • Support of NTLMSSP.

  • CLI-Admin: Feed management now also possible via console (current version, sync start and sync progress).

  • CLI-Admin: Software management now also possible via console (current version, download and upgrade).

  • CLI-Admin: Software upgrade, backup/resotore management: maximum duration drops from 2 hours to 1 hour.

2010-04-27: GSM 1.1.0 with GSA 1.0.0-6

top^

  • New Feature: Schedules

    A schedule describes a start time and optional a repeat interval and a maximum scantime. Linking a scan task with a schedule and a EMail escalator establishes a automatic background vulerability alarm system.

  • New Feature: Resume stopped scans

    Running scans that were stopped via the respective button or by other circumstances can now be resumed.

  • New Feature: Task editor

    A new dialog allows to change title, comment, schedule and escalator of a scan task.

  • The Feed management page of GSA now shows the version of the Feed as present on the GSM.

  • NVT details: Risk factor and CVSS risk were added to the overview.

  • Improved service detection.

  • The server time (UTC) is displayed in the header of GSA.

  • The Feed synchronisation process has been accelerated.

  • The help system is now integrated in a dynamic way. Thus you can see the logged in user and server time now also in the help system.

  • Upgrade of the integrated web aplication scanner w3af.

2010-03-11: GSM 1.0.1 with GSA 1.0.0-5

top^

  • Significant acceleration of web interface.

  • New Feature: Notes Management.

    Each single result of a report can be associated with an individual note. It is possible to generalize the note regarding IP, severity or port in order to attach the note to any past and future report where the same condition is present. The notes can also be included into the PDF reports.

  • New Feature: ITG report format for tabular summaries of IT-Grundschutz compliance checks.

    If an IT-Grundschutz Scan was executed, it contains tabular overviews of the outcome of the tests. The download of an ITG report delivers a CSV file which could be directly imported into a spreadsheet application, a database or some other specialised application.

  • New Feature: CPE report format for tabular summary of CPE inventory lists.

    If a CPE-based Inventory Scan was executed, it contains tabular overviews of the outcome of the tests. The download of a CPE report delivers a CSV file which could be directly imported into a spreadsheet application, a database or some other specialised application.

  • Improved WMI Support: This will allow the IT-Grundschutz checks to collect even more results.

  • Various graphical improvements to the web interface as well as to the report types PDF and HTML.

  • Improved import of scan configurations.

  • Improved support for further browsers such as Konqueror.

  • Improved multi-user handling.

  • Improved Reports: Non-printable characters are replaced by blanks.


Greenbone Networks GmbH © 2009-2012
All rights reserved.
Contact
FAQ